ASP.NET OWIN sample 404 cannot be found on “/signin-auth0” on reauthenticate

SDKs/Libraries
,
#1

Hi There,

We’d like to migrate to Auth0 but facing some issues integrating.

To reproduce:

  • run the https://github.c
    auth0%20owin%20404%20issue
    auth0%20owin%20404%20issue2563×1570 210 KB
    om/auth0-samples/auth0-aspnet-owin-mvc-samples/tree/master/Quickstart/01-Login sample, login using i.e. facebook everything works
  • hit the back button, universal login loads, hit facebook again
  • sample 404s on signin-auth0 as seen in screenshot

OpenIdConnectAuthenticationNotifications.AuthenticationFailed no fired, how to intercept this and handle this properly? While not common this is clearly an issue that needs graceful handling.

Updating Nuget packages to latest versions does not help.

This is on Windows 10 Visual Studio 2017 latest public versions…

#2

Unfortunately, there does not seem to be an elegant way around this. When the OpenID Connect(OIDC) middleware initially gets invoked, it creates a nonce and stores this in a cookie. When the user completes the authentication on the Auth0 website and gets redirected back to your application, the OIDC middleware validates this nonce, and removes the cookie.

What happens in the scenario you described is that Auth0 once again redirects to your application, but this time around the nonce cannot get validated, because that cookie no longer exists.

I hoped that perhaps the AuthenticationFailed notification would get triggered so you can handle this more elegantly, but, as you pointed out, this does not seem to be the case. So in this scenario, I do not really see a way to handle this gracefully.

You may also try and ask this question on the Katana GitHub repository, since it is their middleware used in this example.

#3

Due to this error, I cannot use the “Sign-In As User” functionality of Auth0. Looking for a resolution.

#4

Did you ever find a solution for this? This is a big reason we chose Auth0, assuming that this functionality would work.

#5

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?

#6